CVE-2026-49759 | Erlang OTP up to 16.x/17.0.1/29.0.1 SCTP inet_drv.c sctp_parse_error_chunk spec[] stack-based overflow (GHSA-6f4f-chj5-5g97)

A vulnerability described as critical has been identified in Erlang OTP up to 16.x/17.0.1/29.0.1. The affected element is the function sctp_parse_error_chunk of the file erts/emulator/drivers/common/inet_drv.c of the component SCTP Handler. The manipulation of the argument spec[] results in stack-based buffer overflow.

This vulnerability is known as CVE-2026-49759. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More